PACFE ANNUAL FRAUD CONFERENCE
Thursday, August 12, 2010
Giant Community Center, Camp Hill PA

TABLE OF CONTENTS

7:45 A.M. REGISTRATION, CONTINENTAL BREAKFAST & NETWORKING
8:15 A.M. WELCOME REMARKS & INTRODUCTIONS
8:30 A.M. DEMYSTIFYING DIGITAL FORENSICS
    JOHN J. SANCENITO, INFORMATION NETWORK ASSOCIATES, INC.
10:10 A.M. REFRESHMENT BREAK & NETWORKING
10:25 A.M. HOT TOPICS IN PENNSYLVANIA FRAUD
    STEVEN J. LATZER, MONTGOMERY COUNTY DEPUTY DISTRICT ATTORNEY & CHIEF OF STAFF
11:15 A.M. LEGAL ELEMENTS OF A FRAUD INVESTIGATION
    THOMAS A. FRENCH, ESQUIRE, RHOADS & SINON LLP
12:05 P.M. LUNCHEON & NETWORKING
12:55 P.M. FRAUD AND RISK MITIGATION: KNOWLEDGE & STRATEGIES
    JOSEPH R. KRZYWICKI, CTP, AND GARY J. BUKEAVICH, CTP, PNC BANK TREASURY MANAGEMENT
1:45 P.M. MANAGING THE INTERNAL AND EXTERNAL EXPECTATIONS GAP
    MICHAEL BREON, CPA, CFE, CIA, PERTROLANCE, LLC
2:35 P.M. REFRESHMENT BREAK & NETWORKING
2:50 P.M. E DISCOVERY / IMPLICATIONS OF WEB 2.0 AND SOCIAL NETWORKS
    NATHAN C. PLATT, ESQUIRE
4:30 P.M. CLOSING REMARKS
Information Network Associates, Inc. 5235 North Front Street Harrisburg, PA 17110
800-443-0824 717-599-5505 • 717-599-5507 (fax)
JOHN J. SANCENITO
John J. Sancenito is the President of Information Network Associates, Inc. (INA), an investigative and corporate consulting firm headquartered in Harrisburg, Pennsylvania. INA offers a broad range of investigative services including fraud investigation, forensic accounting and digital forensics. Mr. Sancenito’s professional experience includes more than 12 years as a sworn Law Enforcement Officer. He is a former County Detective with the Cumberland County Pennsylvania District Attorney's Office, where he supervised the Insurance Fraud, Auto Theft, and Technical Services Units. He is the former Chairman of the Pennsylvania Insurance Fraud Prevention Authority Advisory Committee and a former member of the Pennsylvania Auto Theft Prevention Authority Advisory Committee. INA conducts investigations and risk management consulting for government and corporations nationwide. INA has been in business since 1982 and is the largest private investigative agency in the mid-state. INA has a staff of highly trained certified digital forensic technicians and a fully equipped digital forensic laboratory located near Harrisburg, Pennsylvania.
Demystifying Digital Forensics
• Questions to be answered:
  – What is digital forensics?
  – What are the applications of digital forensics?
  – What types of devices can be examined?
  – Is there really a difference between “Information Technology” and “Digital Forensics”?
• Stages of Digital Forensics:
  – Acquisition
  – Authentication
  – Analysis
  – Documentation
• Case Study
What is Digital Forensics?
• Digital Forensics - collection, preservation, analysis, and presentation of electronic and computer-related evidence
• AKA:
  – “Computer Forensics”
  – “Data Forensics”
• Follows protocols that are objective, repeatable and withstand legal scrutiny
Applications of Digital Forensics
• Digital forensics is one of many tools available to support an audit, investigation or inquiry.
• Additional uses include identification of digital artifacts relative to:
  – Hidden assets
  – Infidelity / Evidence of Romantic Relationships
  – Pornography
  – Email and Instant Messenger History
  – Conflict of Interest
  – File Recovery
  – Child Custody
  – Record Falsification
Where is the Data?
What can be examined?
• Servers
• Magnetic tape data storage
• Desktops
• Laptops
• PDAs & Handhelds
• CD / DVD / Blu-Ray
• Flash drives (USB)
• iPods / MP3 players
• Digital cameras
• Cell phones
From Herbert Roitblat, Ph.D, OrcaTec LLC (Ojai, CA)
Legal Authority
• Consent / Permission from the owner
  – Personally owned computers require consent of owner
  – Spouse can generally give consent for a personally owned computer
  – For corporations, a well-documented IT Acceptable Use Policy is critical
• E-discovery motion granted by court
• Court order: Judiciary insistence
• Laws vary by jurisdiction
City of Ontario v. Quon (June 17, 2010)
• Several officers from an Ontario, California, police department were caught sending sexually explicit text messages on department-issued two-way pagers.
• An appeals court ruled that because employees were informally given the option of paying for private messages, they had a right to reasonably expect the content of those messages to be private.
• The US Supreme Court reversed, holding that the search of Quon's text messages was reasonable and did not violate the 4th amendment. The search was motivated by a legitimate work-related purpose, and it was not excessive in scope.
Accessing Electronically Stored Data
E-mail
• May be available from company server or may require access to device.
• Cached versions may be available on the device.
• Passwords for personal e-mail accounts may also be stored on device.
  – Personal accounts on third party devices cannot be accessed without consent!
Accessing Electronically Stored Data
Instant Messaging / Chat logs
• Chat logs may be available on company server or device
Internet Usage
• Internet History logs of websites visited
• Times accessed and length of time user spent on website
Consent to Access Device
• Written Consent Statement
• IT Acceptable Use Policy
  – Does it cover what is being examined?
    • USB drive, hard drives, email server, file server
    • Are you permitted to have access to the physical machine AND the data residing on it?
    • Ex: An individual can give you access to an email server but are you actually permitted to review someone’s email?
• Laws can vary significantly (ex: Email Server in UK)
• All terms may refer to the same process of copying data bit-for-bit.
• Method and tools used determine end result:
  – Forensically sound:
    • Duplicate that is a complete and accurate representation of the original data on a subject hard drive (as verified by hash)
  – “Read/Write” Blockers:
    • Positioned between suspect hard drive and imaging device
    • Ensures original data will NOT be modified during imaging process
    • Examples - Digital Intelligence FireFly, Paraben Lockdown, etc.
  – Software available specifically for forensic data acquisition:
    • Examples – Forensic Toolkit (FTK), EnCase, etc.
Acquisition: Imaging
[Figure: Example of Write Blocker]
Acquisition: Imaging
[Figure labels: Original (Subject) Drive; Evidence Drive]
Acquisition: Mobile Imaging
[Figure labels: Original (Subject) Drive; Evidence Drive(s)]
Stage 2: Authentication
What is a Hash?
“DIGITAL FINGERPRINT”
Original (Subject) Hard Drive: SHA1 = ADF22C18DA95EE964AF994CE9F905A3031ED2175
Evidence Hard Drive: SHA1 = ADF22C18DA95EE964AF994CE9F905A3031ED2175
HASHES MATCH - SUCCESS!
Mathematical comparison of data – if imaging is conducted properly, original data is unaffected by examiner’s actions.
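The authentication step above, as an added example that is not part of the original slides: the subject data is copied in chunks while its SHA-1 is computed, and the evidence copy is then re-hashed and compared. The function names and the in-memory stand-in for the subject drive are assumptions made for this sketch.

```python
import hashlib
import io

ALGORITHM = "sha1"   # the algorithm named on the slide; hashlib.new() also accepts "sha256"
CHUNK = 64 * 1024    # read size in bytes; the digest does not depend on it


def image_and_hash(source, dest, chunk=CHUNK):
    """Copy source to dest bit-for-bit and return the digest of the bytes read."""
    digest = hashlib.new(ALGORITHM)
    while True:
        block = source.read(chunk)
        if not block:
            break
        digest.update(block)   # hash exactly what came off the subject media
        dest.write(block)      # and write exactly the same bytes to the evidence copy
    return digest.hexdigest().upper()


def hash_stream(stream, chunk=CHUNK):
    """Digest of an already-written image, read back independently."""
    digest = hashlib.new(ALGORITHM)
    for block in iter(lambda: stream.read(chunk), b""):
        digest.update(block)
    return digest.hexdigest().upper()


def verify_image(source_digest, image_stream):
    """Return (match, image_digest) for the evidence copy."""
    image_digest = hash_stream(image_stream)
    return image_digest == source_digest, image_digest


def demo():
    # Constructed stand-in for a subject drive: 1 MiB of patterned bytes.
    subject = bytes(range(256)) * 4096
    evidence = io.BytesIO()
    source_digest = image_and_hash(io.BytesIO(subject), evidence)

    evidence.seek(0)
    intact, _ = verify_image(source_digest, evidence)

    # Flip a single bit in the copy: the "digital fingerprint" no longer matches.
    altered = bytearray(evidence.getvalue())
    altered[123456] ^= 0x01
    still_matches, _ = verify_image(source_digest, io.BytesIO(bytes(altered)))
    return intact, still_matches


if __name__ == "__main__":
    print(demo())
```

On real media the source would be a device opened read-only behind a write blocker, and both digests would be recorded in the case documentation.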
Stage 3: Analysis
Analysis: What can be Recovered?
• Normal / Deleted / Hidden files
• Encrypted or password protected documents
• Data relating to networks (LAN, WAN, etc)
• Images (pornography)
• Identification of “second set of books”
• Other relevant data capture (e.g. email, other correspondence, network and Internet usage, recently typed words or phrases, etc.)
• Web browsing activity
• Document revisions
Analysis: Deleted Files
[Figure: File One and File Two on disk. Labels: “Apply For BOSCOV’s Credit Today!”; “BOSCOV’s Application”, FN: John, LN: Doe, Type: Visa, CC#: 1234-5678-1234-5678, CVC: 123]
Analysis: Deleted Files (cont.)
[Figure: (Deleted) File One and File Two. The same labels are still shown.]
Analysis: Deleted Files (cont.)
[Figure: File Three, File Two, Slack, Unallocated Space. Labels still shown: “BOSCOV’s Application”, FN: John, LN: Doe, Type: Visa, CC#: 1234-5678-1234-5678, CVC: 123]
Analysis: How Is It Found
• A Blend of Art and Science
• File Type (not by file extension)
  – File Header Analysis
  – Data Carving - Deleted Files, Unallocated
• Running searches for files, traversing the directory structure, double-clicking on files, right-clicking on files, copying files, etc. will CHANGE the state of files and the computer system
• The philosophy should be to minimize system impacts and specifically document all actions taken
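File header analysis and data carving as described under "How Is It Found", shown as an added example that is not from the original slides. It works on an in-memory copy of raw bytes (never the original media); the signature table, function names and the sample buffer are assumptions constructed for this sketch.

```python
# Header and footer signatures ("magic bytes") for a few common file types.
SIGNATURES = {
    "jpeg": (b"\xff\xd8\xff", b"\xff\xd9"),
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xaeB`\x82"),
    "pdf": (b"%PDF-", b"%%EOF"),
}

# What a file name claims to be, for comparison with what the header says.
EXTENSIONS = {"jpg": "jpeg", "jpeg": "jpeg", "png": "png", "pdf": "pdf"}


def identify(data):
    """Return the file type indicated by the leading bytes, or None."""
    for kind, (header, _footer) in SIGNATURES.items():
        if data.startswith(header):
            return kind
    return None


def extension_mismatch(filename, data):
    """True when the header identifies a type the extension does not claim."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    actual = identify(data)
    return actual is not None and actual != EXTENSIONS.get(ext)


def carve(raw, max_size=16 * 1024 * 1024):
    """Scan raw bytes for header..footer runs; return (offset, type, bytes) hits.

    Simplification: the first footer after a header ends the file. Real carvers
    also handle embedded thumbnails, fragmentation and files with no footer.
    """
    hits = []
    for kind, (header, footer) in SIGNATURES.items():
        start = raw.find(header)
        while start != -1:
            end = raw.find(footer, start + len(header), start + max_size)
            if end == -1:
                start = raw.find(header, start + 1)
                continue
            end += len(footer)
            hits.append((start, kind, raw[start:end]))
            start = raw.find(header, end)
    return sorted(hits, key=lambda hit: hit[0])


# Constructed sample: "unallocated space" still holding two deleted files.
JPEG = b"\xff\xd8\xff\xe0" + b"constructed JPEG body" + b"\xff\xd9"
PDF = b"%PDF-1.4\nconstructed PDF body\n%%EOF"
SAMPLE = b"\x00" * 512 + JPEG + b"\xaa" * 300 + PDF + b"\x00" * 200


if __name__ == "__main__":
    for offset, kind, blob in carve(SAMPLE):
        print(f"offset {offset}: {kind}, {len(blob)} bytes")
    # A renamed image is still recognised by its header.
    print(extension_mismatch("notes.txt", JPEG))
```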
Stage 4: Documentation
• Legal Authority and IT Acceptable Use Policy
• Documentation of the Evidence Scene
• Chain of Custody
• Forensic Imaging Process
• Analysis of Dataset
• Case Report
Documentation: Case Report
• Objective presentation of the facts using non-technical terms.
• Easily understood by a non-technical audience.
• Supported by evidence and analysis.
Analysis: Password Recovery
• “Brute Force”
  – Might be OK for weak encryption
  – Can task multiple computers to assist
• Registry obfuscation
• Heuristics – Building a Dictionary
  – Collection of registry information
  – Indexing of dataset
  – Analysis/interview of subject
Analysis – Steganography
Possible Uses for Steganography:
Maintaining anonymity
Pornography
Secret communications
Terrorism (alleged)
• Steganography is the art and science of hiding messages in such a way that no one other than the sender and recipient suspects the existence of the message
• Differs from encryption in that instead of protecting data, “steg” will hide its existence / messages do not attract attention to themselves
Analysis – Steganography (cont.)
What can be hidden in a digital picture?
[Figure text, translated from Arabic: “The strike is at midnight!”]
• (other) Pictures
• Audio
• Text
• Web pages
• Many additional file formats
Other files can also host hidden information! (i.e. – pictures within audio, audio within audio, etc.)
• Steganalysis is the art and science of detecting messages hidden using steganography
• Best case scenario:
  – original, unmodified file is available for comparison
Why Outsource Computer Examinations?
• Forensic work requires specialized utilities and specialized training.
  – Ensure all artifacts and evidence are properly examined and placed in appropriate context.
  – Prevent inadvertent modifications/deletions of evidence.
  – Ensure court admissibility.
• Investigative analysis is different than traditional IT troubleshooting.
• Ensure objectivity in reporting.
• Ensure confidentiality.
How to Challenge Digital Forensics
• Question the process
  – Legal authority
  – Documentation
    • Chain of Custody
    • Forensic procedures to image the dataset
    • Preservation of the original
  – Forensic Tools (Software and Hardware)
    • Type, Version, Licensing
    • Functionality
How to Challenge Digital Forensics (cont.)
• Question the examiner
  – Experience and certifications
  – Actions taken for anomalies
• Question the conclusions
  – “Overstatement” of facts
  – Incomplete analysis
Case Study: $5.2 M Embezzlement
#1) Financial Discrepancy Encountered
#2) Forensic Audit / Accounting
#3) Digital Forensic Analysis
• The General Accounting Manager of a multi-national, privately held corporation resigns.
• An executive overseas identifies a suspicious invoice from a vendor.
• Digital forensic conducted - analysis recovered deleted spreadsheets, emails, invoices, and documents.
• Vendor identified as a company owned by the former General Accounting Manager’s wife.
• Former Employee interviewed and confessed.
• Evidence turned over to the FBI. Accountant convicted of mail fraud, wire fraud, and money laundering.
Case Study: Conflict of Interest
• Sales Manager for a company leaves unexpectedly and is suspected of being involved with a competitor.
• Computer returned after data had been deleted.
• A digital forensic examination is conducted on his laptop and desktop computers.
Steven J. Latzer is a Deputy District Attorney and Chief of Staff for the Montgomery County, PA Office of the District Attorney. As such, he manages all administrative functions of the office, supervises the Civil Forfeiture Unit, and handles all budget-related matters. Deputy Latzer also serves as a senior advisor to the Economic Crimes Unit, and prosecutes select high-profile criminal cases.
Prior to assuming the Chief of Staff position in 2008, Mr. Latzer
managed the Economic Crimes Unit within the Office. He was responsible for managing all white collar fraud investigations, and prosecuting the most significant economic crimes that occur within Montgomery County, including all insurance fraud and arson-related offenses. Mr. Latzer is also cross-designated as a Special Deputy Attorney General.
Mr. Latzer graduated from George Washington University in 1989
with a Bachelor of Arts Degree in International Affairs. In 1993, he received his law degree from the Villanova University School of Law. Mr. Latzer joined the District Attorney’s Office in 1998, and was promoted to Chief of the Economic Crimes Unit in 2002. In 2008, he was appointed Chief of Staff by District Attorney Risa Vetri Ferman. In January 2002 and January 2006, Mr. Latzer was awarded Special Commendations for outstanding service to the Office of the District Attorney. In 2003, he received the “Public Service Award” for outstanding achievement from the International Association of Special Investigative Units. In 2007, Mr. Latzer received his office’s highest recognition - the District Attorney’s Medal - for successfully prosecuting difficult economic and homicide cases. Mr. Latzer was also named “2007 Prosecutor of the Year” by the Delaware Valley International Association of Financial Crimes Investigators.
Mr. Latzer is an active member of the La Salle University Fraud & Occupational Abuse Advisory Board, the National White Collar Crime Center, the Association of Certified Fraud Examiners, and the International Association of Special Investigative Units. He is also an adjunct professor at LaSalle University and Montgomery County Community College, where he teaches Fraud, Criminal Justice, Criminal Law, and Criminal Investigation. Mr. Latzer routinely provides training
lectures to various law enforcement agencies, community groups, and students concerning criminal law, white-collar crime and other types of economic fraud.
THOMAS A. FRENCH, ESQUIRE
Thomas A. French is the senior banking and business litigator at the Harrisburg,
Pennsylvania law firm of Rhoads & Sinon LLP. As part of his practice for the last 27 years, he
has represented banks, trust companies, and other fiduciaries in cases involving lender liability,
employment matters, asset recovery, professional and fiduciary liability, and estate and trust
disputes. In addition, Mr. French counsels corporate clients in their legal responsibilities and
liabilities regarding electronically stored information. In this area, Mr. French helps clients
develop systems to minimize the cost and liability associated with maintaining and producing
electronic data in litigation, and defends these systems when they are challenged in Court. He
has served as an adjunct faculty member at the Widener and Penn State Law Schools, and is a
veteran of the War in Afghanistan where he served as a JAG Officer with the United States
Army.
RHOADS & SINON LLP
Legal Elements of a Fraud Investigation
Elements of Fraud According to Pennsylvania State Law
• A representation;
• Material to the transaction at hand;
• That is made falsely, with knowledge of its falsity or recklessness as to whether it is true or false;
• With the intent of misleading another into relying on it;
• Justifiable reliance on the misrepresentation;
• The resulting injury was proximately caused by the reliance.
  • Gibbs v. Ernst, 647 A.2d 882, 889 (Pa. 1994).
Damages in Fraud Claims
• Actual loss
• Costs and expenditures incurred by injured party
• Nominal damages
• Punitive damages
E-Discovery
• Generally
  • "Discovery is the ascertainment of that which was previously unknown; the disclosure or coming to light of what was previously hidden; the acquisition of notice or knowledge of given acts or facts."
• Black's Law Dictionary
E-Discovery and the Federal Rules of Civil Procedure
• Rule 16(b) requires parties to consider electronically stored information (ESI) in their scheduling order/pre-trial conference.
• Rule 26(a) & (f) requires each party to provide a general description of available ESI and to create a discovery plan which lists what ESI will be relied upon, how ESI is stored, issues relating to privilege, and in what form the information will be produced.
E-Discovery — Duties to Preserve, Search, and Produce ESI
• Preservation
  • Legal Hold
• Search/Production
• Can be an expensive process
Admissibility of Evidence
• Relevance
• Authenticity
• Hearsay
• Original Writing v. Duplicate
• Probative Value and Unfair Prejudice, etc.
Relevance
• Pa. R. Evid. 401 — "Relevant evidence" means evidence having any tendency to make the existence of any fact that is of consequence to the determination of the action more probable or less probable than it would be without the evidence.
• Identical to Fed. R. Evid. 401
• The threshold standard of relevancy is extremely low.
Relevance (continued)
• Relevant evidence must be both "material" and have "probative value."
• Pa. R. Evid. 901(a) — The requirement of authentication as a condition precedent to admissibility is satisfied by evidence sufficient to support a finding that the matter in question is what its proponent claims.
• Identical to Fed. R. Evid. 901(a)
• When a party offers evidence contending either expressly or impliedly that the evidence is connected with a person, place, thing or event, the party must provide evidence sufficient to support a finding of the contended connection.
•See Commonwealth
a,s4u1p4erA.626d 606 A
( .129d871?.0 " "2);
Hearsay
• Pa. R. Evid. 801(c) — "Hearsay" is a statement, other than one made by a declarant while testifying at the trial or hearing, offered in evidence to prove the truth of the matter asserted.
• Identical to the definition of "hearsay" as found in Fed. R. Evid. 801(c)
• Both the Pennsylvania and Federal Rules of Evidence have a multitude of exceptions which permit the admissibility of hearsay evidence.
Exclusion of Relevant Evidence
• Pa. R. Evid. 403 — Although relevant, evidence may be excluded if its probative value is outweighed by the danger of unfair prejudice, confusion of the issues, or misleading the jury, or by considerations of undue delay, waste of time, or needless presentation of cumulative evidence.
• Fed. R. Evid. 403 — Although relevant, evidence may be excluded if its probative value is substantially outweighed by the danger of unfair prejudice, confusion of the issues, or misleading the jury, or by considerations of undue delay, waste of time, or needless presentation of cumulative evidence.
Original vs. Duplicative Documents
• Pa. R. Evid. 1003 — A duplicate is admissible to the same extent as an original unless (1) a genuine question is raised as to the authenticity of the original or (2) in the circumstances it would be unfair to admit the duplicate in lieu of the original.
• Identical to Fed. R. Evid. 1003
Exclusion of Relevant Evidence (continued)
• The absence of the word "substantial" from Pa. R. Evid. 403 is intended to conform the Rule to the rigidity to which Pennsylvania courts have balanced the countervailing considerations.
• Close questions in balancing relevancy and adverse consequences of an item of evidence shall be resolved in favor of admissibility.
• The purpose of testimony concerning the chain of custody is to prove that evidence has not been altered or changed from the time it was collected throughout production in court.
• The "chain of custody" rule is a variation of the requirement under Fed. R. Evid. 901(a) that evidence must be properly authenticated or identified prior to being admitted.
  • United States v. Tt_asig, 85 F.3d 1207, 1213 (4th Cir. 1995).
Chain of Custody —Foundation for Admissibility
• Documentation of the methodology used in the forensic acquisition of ESI contained on storage media, such as hard drives
• Chain of custody of the ESI during and after the retrieval process
Chain of Custody Testimony
• Includes documentation on how the data was gathered, transported, analyzed, and preserved for production
• This information is highly relevant because data can be easily altered.
Discovery of Experts
• Expert Interrogatories
• Expert Reports
Rules of Evidence Governing Experts
• Pa. R. Evid. 702 — If scientific, technical or other specialized knowledge beyond that possessed by a layperson will assist the trier of fact to understand the evidence or to determine a fact in issue, a witness qualified as an expert by knowledge, skill, experience, training or education may testify thereto in the form of an opinion or otherwise.
• Pa. R. Evid. 702 differs from Fed. R. Evid. 702 only in that the words "beyond that possessed by a lay person" have been added to the Pennsylvania Rule.
Daubert Standard for Expert Testimony
• Applicable to expert testimony in all federal court cases
• Daubert v. Merrell Dow Pharmaceuticals, 509 U.S. 579 (1993).
• District judges assume a "gatekeeping" role to "ensure that any and all scientific testimony or evidence admitted is not only relevant, but reliable."
• A district judge must make a preliminary finding regarding whether the reasoning and methodology employed by an expert is scientifically valid and can be applied to the facts in the particular dispute.
Daubert Factors of Scientific Reliability
• Whether the expert's technique or theory can be or has been tested — that is, whether the expert's theory can be challenged in some objective sense or is instead a subjective, conclusory approach that cannot be reasonably assessed for reliability
• Whether the technique or theory has been subject to peer review and publication
• The known or potential rate of error of the technique or theory when applied
• The existence and maintenance of standards and controls
• Whether the technique or theory has been generally accepted in the scientific community
Extension of Daubert
• Kumho Tire Co. v. Carmichael, 526 U.S. 137 (1999).
• Extends the gatekeeping function to testimony also based on technical and other specialized knowledge and the determination of reliability of expert's testimony in light of the particular facts and circumstances of the particular case.
Frye Standard for Expert Testimony
• The Frye test directs that the "admissibility of the evidence depends upon the general acceptance of its validity by those scientists active in the field to which the evidence belongs." Topa, 369 A.2d at 1281 (referring to the standard developed in Frye v. United States, 293 F. 1013 (D.C. Cir. 1923)).
• The Frye standard for expert testimony is currently only applicable under Pennsylvania law.
• Adopted by Pennsylvania in Commonwealth v. Topa, 369 A.2d 1277 (Pa.
Frye Standard — General Acceptance Test
• "The requirement of general acceptance in the scientific community assures that those most qualified to assess the general validity of a scientific method will have the determinative voice." Topa, 369 A.2d at 1282.
• Grady v. Frito-Lay, Inc. — Frye standard continues to be the standard for expert testimony in Pennsylvania, despite the holding in Daubert.
  • 576 Pa. 546, 839 A.2d 1038 (2003).
Reliance by Experts
• May not repeat another's opinion or data
• May testify by opinion or reference to an ultimate issue in the case in most circumstances
• Firsthand Knowledge
• Facts that have been stipulated or introduced into evidence prior to expert testimony
• Inadmissible Evidence
  • May still be relied upon by experts
  • Hearsay and facts that are normally relied upon by others in that expert's profession or field of practice
Admissibility of Business Records
• Pennsylvania
  • Uniform Business Records as Evidence Act — 42 Pa. Cons. Stat. 6108
  • Uniform Photographic Copies of Business and Public Records as Evidence Act — 42 Pa. Cons. Stat. 6109
• Federal
  • Fed. R. Evid. 806(3) — Records of Regularly Conducted Activity
Disclosure of Facts and Data
• Disclosure of facts and data underlying expert's opinion
• Pa. R. Evid. 705 — The expert may testify in terms of opinion or inference and give reasons therefore; however, the expert must testify as to the facts or data on which the opinion or inference is based.
• Fed. R. Evid. 705 does not require an expert witness to disclose the facts upon which an opinion is based. The cross-examiner bears the burden of probing the basis of the opinion.
Experts and Privileged Information
• Currently, Fed. R. Civ. P. 26 states that any materials furnished to an expert that he uses in forming his opinion are no longer privileged or otherwise protected.
• Amendment to Fed. R. Civ. P. 26, effective December 1, 2010, seeks to provide greater protection to communications between attorneys and their experts.
Summaries of Books, Entries, and other Sources of Data
• 3 types of summaries per United States v. Bray, 139 F.3d 1104 (6th Cir. 1998).
• Pa. R. Evid. 1006 — The contents of voluminous writings, recordings or photographs which cannot conveniently be examined in court may be presented in the form of a chart, summary, or calculation. The originals, or duplicates, shall be made available for examination or copying, or both, by other parties at reasonable time and place. The court may order that they be produced in court.
• Identical to Fed. R. Evid. 1006
Summaries (continued)
• Distinction between summaries under Fed. R. Evid. 1006 and Fed. R. Evid. 611(a)
  • Rule 1006 — the chart/summary itself is admitted as evidence
  • Rule 611(a) — the chart/summary is used to facilitate the presentation of evidence already in the record and is not itself admissible
• In order to be properly admitted under Rule 1006, the proponent of the evidence must demonstrate:
  • That the writings/records are voluminous
  • That the originals themselves are admissible
  • That the originals can be made available to the litigants and the court if so ordered
  • That the summary/chart is a short restatement of the main points of a single document
Joseph R. Krzywicki, CTP
Senior Vice President, Market Manager
PNC Bank Treasury Management

Joe has spent the majority of his career assisting corporate clients with the design and implementation of solutions that generate working capital efficiencies while managing both internal and external risks. Joe is currently responsible for management of the business development process for treasury management clients. His primary market is Pennsylvania; his teams assist clients in the manufacturing, real estate, wholesale, service, healthcare and public sectors. Joe also manages PNC Bank’s Treasury strategy for the Real Estate industry on a national basis. In this role he is responsible for developing and implementing a strategy that can be consistently applied across the PNC network to bring value to this unique and challenging industry. With his combination of experience from the provider and the user side of the financial services industry, Joe is able to identify and relate to business challenges and develop solutions through treasury management and technology applications. Business practices like accounting, budgeting and cash management can be simplified, automated, enhanced and controlled to improve a company’s competitive position. In addition to his primary focus, Joe has been integral in PNC’s acquisitions and integrations, including mentoring others from acquired institutions. Joe is a graduate of Villanova University where he majored in Finance. He is also pursuing a Master’s degree in Accounting from the University of Scranton. Joe enjoys community volunteer activities, and has worked for various community outreach organizations, including Good Shepherd School Board, Chair of the Good Shepherd School Development Committee, the United Way and coaching various youth sports. Joe is also active in the Treasury Management Association of Central PA where he serves as Vice President.

Mr. Krzywicki’s contact information is listed below:
Joseph Krzywicki
PNC Bank
4242 Carlisle Pike
Camp Hill, PA 17011
717-730-2272

Gary J. Bukeavich, CTP
Vice President
PNC Bank Treasury Management

Gary has been employed with PNC Bank since April 2008. With over 20 years of banking experience, he is responsible for the sale of Treasury Services to corporate and municipal clients throughout Lancaster, Berks, York, and Adams County. Previously, Gary held positions in Global Treasury Management and Commercial Lending. Gary is a graduate of King’s College, Wilkes-Barre, PA, where he received a Bachelor of Science degree in Business Administration. He received a Master’s degree from Wilkes University. Additionally, he is an Honors graduate of the Central Atlantic School of Commercial Lending. Gary is a member of the Association for Financial Professionals, The World Trade Center of Central Pennsylvania, and the Bankers Association for Finance and Trade, and volunteers for the Lancaster Chamber of Commerce, The Pennsylvania Economy League, and Junior Achievement.

Mr. Bukeavich’s contact information is listed below:
Gary Bukeavich
PNC Bank
101 North Pointe Blvd
Lancaster, PA 17601
717-735-5610
This presentation is delivered by PNC on the condition that it be kept confidential and not be shown to,
or discussed with, any third party, including any financial institution (other than on a confidential or need-to-know
basis with the recipient’s directors, officers, employees, counsel and other advisors, or as required by law), or used
other than for the purpose of evaluating the services in this presentation, without PNC’s prior written approval.
Fraud and Risk Mitigation – Knowledge and Strategies
For Central Pennsylvania - Association of Certified Fraud Examiners
Presented by:
Joe Krzywicki, CTP - Senior Vice President- Market Manager
Gary Bukeavich, CTP – Vice President – Treasury Management Officer
PNC Bank Treasury Management
FBI Philadelphia Division
Harrisburg Resident Agency
Computer Crime Program
The Threat To Business
• Failure in Confidentiality/Integrity
– Loss of Customer Data
  • Financial, Health Info.
– Loss of Intellectual Property
– Identity Theft
– Direct Financial Loss
– Reputational Damage
CURRENT FBI INVESTIGATIVE PRIORITIES
1. Protect the U.S. from terrorist attack
2. Protect the U.S. against foreign intelligence operations and espionage
3. Protect the U.S. against cyber-based attacks and high-technology crimes
4. Combat public corruption at all levels
5. Protect civil rights
6. Combat transnational/national criminal organizations
7. Combat major white-collar crime
8. Combat significant violent crime
9. Support federal, state, local and international partners
10. Upgrade technology for successful performance of the FBI’s mission
60 Minutes – Sabotaging the System
Information Age Crime
• Crime follows money…
“Automated crime is conducted entirely in the time-scale of computers, in only a few milliseconds… no human interruption or interaction... no human recognition until it is completely finished and disappears...”
Donn B. Parker, Automated Crime
Copyright CSI 1999, All Rights Reserved
Threat Follows Value
The 1950s American bank robber Willie Sutton was asked why he robbed banks. He said he robbed banks because,
“That’s where the money is.”
Today, the money is in Cyberspace
The Internet provides for criminals the two capabilities most required for the conduct of criminal activities:
Anonymity & Mobility
Access via Capability
[Figure: Cost & Means of Attack. Cost of capability plotted over time (1945 to today), with the means of attack labelled: Invasion, Bomber w/Nuke, Missiles (ICBM & SLBM), Cruise Missile, Precision Guided Munitions, Computer.]
Fraud in the News!
AFP News – January 2009 - Fraud Rises as Economic Crises permeates
“This month the theme is fraud and in these turbulent economic times, the risk of fraud is higher than ever.”
AFP Fraud Survey – March 2008
“Seventy-one (71) percent of organizations experienced attempted or actual payments fraud in 2008, down 1% from 2007. Thirty (30) percent of survey respondents report that incidents of fraud increased over last year, down 9%. Checks continue to be the preferred target of thieves as nearly all organizations that experienced payments fraud were victims of attempted check fraud. Other targeted payment types for fraud include:
- ACH debits (28 vs 35 percent in 2007)
- Consumer credit/debit cards (17 vs 18 percent in 2007)
- Corporate purchasing cards (14 percent remained the same)
- ACH Credits (7 percent)
- Wire Transfers (6 percent).”
Environment
• Fraud Methods and Targets
– Prime Targets: Card and Online Banking
– Rising individual, corporate and bank losses
– Consumers more at risk than ever
– Corporates have IT infrastructure and other controls to mitigate risk
• Regulators pushing Financial Institutions to help protect consumers and corporations, but laws and regulations do not reduce corporate or individual ultimate exposure
• Security a priority for banks
• Internet channel increasingly critical to business
Regulators: What have they done?
“The agencies consider single-factor authentication, as the only control mechanism, to be inadequate for high risk transactions involving access to customer information or the movement of funds to other parties…”
• FFIEC…Federal Financial Institutions Examination Council
• Body of gov’t agencies responsible for regulating banks issued new guidance on authentication in response to increased threats and fraud cases
How were/are we protected?
Prior: Single factor:
• ID and password
Now: Layered Security Enhancements:
• Token
• Digital certificate
• Suspicious Behavior monitoring
• ID Theft Security Grid
• Logon Authentication
• Transaction Anomaly monitoring
Something a person has done versus now requested
Check Security Issues
Issue / Technical Solution
• Approach using multiple algorithms and tests applied against segments of a signature
• Automated check stock verification and use of embedded symbols
• Image analysis and pattern recognition technology
• Algorithms, behavioral and shape recognition, spacing etc.
• Bank use of issued check information to match every inbound item presented; mandatory internal review daily!
Comprehensive Fraud Detection Solutions
Secure Seal Encoding: Encoded graphic includes issue information
Positive Pay PLUS: Detects altered payee line and other variable fields
Digital Signature Verification: Signature snippets analyzed for consistency and verification
Check Stock Validation: Analyze all static elements of the check
Check Fraud – Image Survivability
Image Survivability refers to the likelihood that a check security feature will still be useful after the check has been converted to an IRD or image.
Unfortunately, most security features today do not survive the image conversion process. However, work continues on new technologies that are survivable.
Image-Survivable Check Security Features (ICSF)
2D Bar Codes
Check Fraud – Image Survivability
Q. If most features are not ICSF’s, do I still need secure check stock?
A. Yes, because of “ordinary care” (UCC 3-103) and “comparative negligence” (UCC 3-406) standards
Check Features - Fraud Prevention
Features to consider:
• Toner Lock
• Secure Font
• Void Pantograph
• Laid Lines
• Chemically reactive paper
• Microprinting
Check Fraud - Prevention
• Segregations of Duties
• Reconcile Bank Accounts
• Timely Report Fraud
• Train Reconcilement Employees
• Written Policy and Procedure
• Periodic Audits
• Securely Store Facsimile Signatures, Records, Documents
• Require Multiple Signatures for Large Dollar Checks
• Centralize Disbursements
• Know your Employees
• Enforce Mandatory Vacation Policy
• Utilize Secure Check Stock
• Use Bank Services!
Phishing/Vishing
The art of socially engineering an individual into giving up their personal information through one of many possible techniques.
Keylogger
User connects to legitimate webpage that has been compromised.
A program within that web page calls out and downloads a keylogger
ACH Fraud
• Phishing
• Unauthorized debits
ACH Fraud – Phishing Defenses
• Multi-factor authentication
• Dual control over database changes
• Token at log-in for funds transfer services
• Best Practice: Dedicated PC with no e-mail
ACH Fraud – Unauthorized Debits
• Like check fraud, only easier
– Use your account and routing number to make on-line purchases
• Leaves a better trail, but less physical effort/risk
– A key concern of NACHA’s Risk Management Advisory Group (RMAG)
– Recovery of funds possible but time consuming
• ODFI Warranties under Section 4.2
• Best Defenses
– Debit authorization
– UPIC (Universal Payment Identification Code)
ACH Debit Authorization
• Protects companies from unauthorized ACH debit transactions
• Block all
• Filtered – client provides the Bank a list of authorized companies allowed to debit the account.
ACH Positive Pay
• Any ACH debits not automatically paid can be reviewed online, where a “pay” or “return” decision can be made
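The ACH Debit Authorization and ACH Positive Pay controls described above, modelled as an added example (not PNC's implementation): block-all and filter modes, with debits that fail the filter queued for a "pay" or "return" decision. The per-company dollar ceiling, the return-by-default when no decision is made, and all company IDs, trace numbers and amounts are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from decimal import Decimal
from enum import Enum
from typing import Dict, List, Optional, Tuple


class Mode(Enum):
    BLOCK_ALL = "block all"   # no ACH debit may post to the account
    FILTER = "filter"         # only companies on the client's list may debit


class Status(Enum):
    PAID = "paid"
    RETURNED = "returned"
    REVIEW = "review"         # exception awaiting a pay/return decision


@dataclass(frozen=True)
class Debit:
    trace: str                # constructed trace number
    company_id: str           # originating company's identifier
    amount: Decimal


@dataclass
class DebitAuthorization:
    mode: Mode
    # company_id -> per-debit ceiling, or None for no ceiling.
    # The ceiling is an assumption; the page only describes a company list.
    authorized: Dict[str, Optional[Decimal]] = field(default_factory=dict)
    positive_pay: bool = False
    results: Dict[str, Tuple[Status, str]] = field(default_factory=dict)

    def _exception(self, d: Debit) -> Optional[str]:
        """Return why the debit cannot be paid automatically, or None."""
        if self.mode is Mode.BLOCK_ALL:
            return "account blocks all ACH debits"
        if d.company_id not in self.authorized:
            return "originator not on authorized list"
        ceiling = self.authorized[d.company_id]
        if ceiling is not None and d.amount > ceiling:
            return "amount above authorized ceiling"
        return None

    def present(self, d: Debit) -> Status:
        """Apply the block/filter rule to one inbound debit."""
        reason = self._exception(d)
        if reason is None:
            status, reason = Status.PAID, "authorized"
        elif self.positive_pay and self.mode is Mode.FILTER:
            status = Status.REVIEW      # held for the client's decision
        else:
            status = Status.RETURNED
        self.results[d.trace] = (status, reason)
        return status

    def decide(self, trace: str, pay: bool) -> Status:
        """Record the client's pay/return decision on a held debit."""
        status, reason = self.results[trace]
        if status is not Status.REVIEW:
            raise ValueError(f"{trace} is not awaiting review")
        new = Status.PAID if pay else Status.RETURNED
        self.results[trace] = (new, reason + "; client decision")
        return new

    def close_review_window(self) -> List[str]:
        """Return every undecided debit (assumed default: fail closed)."""
        expired = [t for t, (s, _) in self.results.items() if s is Status.REVIEW]
        for t in expired:
            self.results[t] = (Status.RETURNED, self.results[t][1] + "; no decision")
        return expired


# Constructed sample debits, not real transactions.
SAMPLE_DEBITS = [
    Debit("T0001", "1234567890", Decimal("1500.00")),  # listed, under ceiling
    Debit("T0002", "1234567890", Decimal("9800.00")),  # listed, over ceiling
    Debit("T0003", "9999999999", Decimal("250.00")),   # not on the list
    Debit("T0004", "5550001111", Decimal("75.25")),    # listed, no ceiling
]


def run_sample() -> Dict[str, Status]:
    acct = DebitAuthorization(
        Mode.FILTER,
        {"1234567890": Decimal("5000.00"), "5550001111": None},
        positive_pay=True,
    )
    for d in SAMPLE_DEBITS:
        acct.present(d)
    acct.decide("T0002", pay=True)   # reviewer recognises the large debit
    acct.close_review_window()       # T0003 was never decided
    return {t: s for t, (s, _) in acct.results.items()}


if __name__ == "__main__":
    for trace, status in run_sample().items():
        print(trace, status.value)
```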
A UPIC is a unique account identifier issued by financial institutions that allows companies to receive electronic payments without divulging confidential banking information.
• A UPIC looks and acts like a standard bank account number, and travels through the ACH network with the Universal Routing and Transit number
• Thus companies don’t have to be worried about listing UPIC information on their websites
• UPIC can only be used for ACH credit payments
What Else is Available to Protect You?
Organizations turn to a number of fraud control services provided by their banks, including:
• Positive Pay/Reverse Positive Pay/Payee Positive Pay
• ACH debit blocks/Filters
• “Post no checks” restriction on depository accounts
Organizations may opt out of particular fraud control services for a number of reasons:
• their management is confident that the organization’s internal processes are adequate,
• the service is perceived to be too expensive, and/or
• the organization does not issue a sufficient number of checks to justify the cost.
Organizations can develop and/or modify internal business processes to mitigate potential payments fraud risks. Processes considered important include:
• Stopped providing payment instructions by phone or fax
• Increased use of electronic payments for business-to-consumer and business-to-business
Scams
• Nigerian 419 Scam
• Disaster Relief Fraud
• Inheritance Scams
• Lottery Scam
• Internet Auction Scam
• Phishing and Pharming
• Survey and Other Offer Scams
• Text Message Scams
• Telephone Scam
• ATM and Debit Card Scams
It’s not ALL about the Internet
ATM Scams
PIN Pad
Card Skimming
Laptop computer
Skimming
Laptop computer
Skimming and PIN Capture
Summary
• Fraud & Data Security are rising issues
• Use of Multi-level Security shows promise with further evolution and application
• Flexibility woven into Products and Services can assist in preventing fraud and minimizing risk when used
• At PNC security and risk assessment are built into every product and carefully monitored
• Ease of use and relative security must be balanced with costs
• Education about fraud and risk is key to prevention!
QUESTIONS?
Michael Breon Pertrolance, LLC Harrisburg, PA 717-579-3277
Michael Breon is the founding Member of Pertrolance, LLC where he provides various internal audit and fraud consulting services. Prior to establishing Pertrolance, he was a senior manager in Deloitte’s Enterprise Risk Services practice. Mike’s corporate experience includes managing the retirement plans for the Hershey Company as well as serving in their Internal Audit Department. He also has fifteen years of varying experience in the construction industry. Mike’s past work in public accounting has also included leading audits in the medical, insurance, manufacturing, low income housing, and not for profit sectors. He is a Certified Public Accountant (CPA), Certified Internal Auditor (CIA), and a Certified Fraud Examiner (CFE). His recent client experience includes providing internal audit services primarily in the manufacturing and consumer business sectors. Mike graduated from Pennsylvania State University, Harrisburg with a B.S. in Professional Accountancy and later received his MBA from the same institution. He is a past President and currently 1st Vice President of the Central Pennsylvania Chapter of the Institute of Internal Auditors (IIA). Mike has co-authored and taught two of the IIA’s fraud programs “Internal Auditing for Fraud” and “Purchasing Fraud: Auditing and Detection Techniques”. His article, “Improving Client Relations” was published in the October 2009 edition of Internal Auditor Magazine. He is currently researching and writing a program on managing supply chain risk.
The expectation gap is the difference between what is required to be done (in this case based upon professional standards) versus what uninformed users of the work expect the outcome to be or include.
WHO IS SUPPOSED TO FIND FRAUD?
• External Auditors
• Internal Auditors
• Loss Prevention
• Management
• Employees
• Police
• FBI
• Customers
• Vendors
• Consultants
• CFE’s
Fraud In Financial Statements
Many members of the public expect that:
• Auditors should accept prime responsibility for the financial statements
• Auditors ‘certify’ financial statements
• An unqualified opinion guarantees the accuracy of financial statements
• Auditors perform a 100% check
• Auditors are supposed to detect all fraud
These Misconceptions Are Essentially the Expectations Gap.
NATHAN C. PLATT, ESQUIRE
Nathan C. Platt, Esquire graduated from the State University of New York at Fredonia in 1999 earning a Bachelor of Science in Accounting. In 2004, Attorney Platt received his Juris Doctor from the University of Pittsburgh School of Law. While at law school he served as Editor-In-Chief of the University of Pittsburgh School of Law Journal of Technology Law and Policy. He also interned at Deloitte & Touche, LLP in its Taxation program and was a finalist in the Murray S. Love Trial Moot Court Competition.
In addition, Nathan earned his Master of Business Administration (MBA) from Clarkson University in 2000. While earning his MBA, he served as Lead Consultant for the business school’s Canadian-U.S. Business Consulting Service. In 2000, Nathan was awarded Clarkson University’s Graduate School of Business’s Leadership Award. After attending business school, Nathan worked for IBM’s Technology Division in Burlington, Vermont. While at IBM, he served in IBM’s Capital Equipment Engineering group working with equipment engineers to strategize and negotiate the purchase of semiconductor equipment for IBM’s global semiconductor line. While working for IBM, Nathan conducted global business with IBM partners in England, France, Ireland, and Singapore. Attorney Platt is a member of the Pennsylvania Bar and York County Bar Associations and serves on the board of the United Way of York County. Nathan has been a small business owner and franchisee in Syracuse, New York. Attorney Platt’s areas of practice include business law, commercial litigation, wealth preservation and tax planning, real estate transactions, and technology law.
e-Discovery and Implications of Web 2.0 and Social
Education: JD - University of Pittsburgh School of Law; Editor-In-Chief of the Journal of Technology Law and Policy; MBA - Clarkson University; BS in Accounting - State University of New York at Fredonia
Robert C. Fratto, Esquire
Attorney
Background:
Education:
(AGENDA)
What is e-Discovery?
Why is e-Discovery Important?
Updates on Recent Case Law.
Changes to the Federal Rules of Civil Procedure.
Web 2.0 What? Social Networking What?
Basic Guidelines and Best Practices on How to Deal with e-Discovery Issues.
(Presentation Scope)
The handling of legal issues depends on the unique facts of each case, circumstance and applicable law.
This program is not intended to provide specific legal advice on any particular matter, but is designed to give general information which we hope will be of interest to you.
7 Trillion emails are sent annually and growing;
The average employee deals with 60-200 emails daily;
CYA Emails
E-Discovery Basics
Only 0.01% of newly created information is stored in paper. Peter Lyman & Hal Varian, How Much Information? (Berkeley)
“30[%] of electronic information is never printed to paper.” SEDONA PRINCIPLES: Best Practices, Recommendations & Principles for Addressing Electronic Document Production
“Characteristics of electronic information”
1. It’s easier to create than paper information;
2. People save multiple drafts and forms of the information until we finally have a final version;
3. Electronic information is so easy to store and save;
4. It’s also easy to forget about because it’s hidden;
5. Email communications are generally less formal and thoughtful than other correspondence;
6. People are more likely to make candid comments in electronic correspondence, which can have significant impact in litigation;
7. Multiple Dynamic Formats.
Today, an estimated 93 to 97 percent of documentary